Prevent Data Leaks Caused by Web Applications – eScan

February 25, 2019

Security researcher Elliot Alderson has discovered a huge leak of Aadhaar numbers from Indane’s website as well as its app. The leak has put at stake not just the Aadhaar numbers of 6.7 million people but also their personal details.

Data breaches like these do not necessarily result from a complicated attack by hackers; they may be simple attacks attributable to configuration errors, unpatched systems or coding errors. However, when the same issues are discovered by security researchers who put in the effort to find a way into the system and follow the processes laid down for responsible disclosure, they are termed bugs / vulnerabilities.

Organizations lately have been hiring researchers to find vulnerabilities in their networks / systems with the objective to ensure that their systems are protected and decrease the footprint of the attack surface that may otherwise allow easy access to the hackers.

The existence of vulnerabilities in web applications poses a greater risk to the integrity of the entire system. With mobility being the new mantra, we are embracing web applications and moving towards cloud-based systems at a much greater pace than ever before. Web applications, viz. ERP, CRM and email, are a conduit to the data which is essential for the functioning of an organization and, unlike their stand-alone / networked counterparts, have a much larger attack surface.

Search engine caching paradigm

According to eScan, there have been instances when confidential datasets have been cached by Google, which otherwise shouldn’t have been left exposed for the general public to view and for hackers to gain a foothold into the system.

Caching of datasets by a search engine is an excellent example of the non-existence / lack of Authentication and Access Management, which is an inherent requirement when data is being served. The recent leak exposed by the French researcher “Elliot Alderson” was cached by Google’s Search Engine; furthermore, this cached dataset was devoid of authentication, which would have allowed anyone with scripting knowledge to automate the data-mining tasks on the actual URLs. Presently, as per our observation, the erring URIs have been taken down by Indane.

Could this have been averted?

Dynamic Application Security Testing (DAST) enables organizations to test their web-based applications / web-sites for the existence of vulnerabilities viz. XSS, CSRF, SQLi, LFI / RFI. Furthermore, pages which are supposed to be accessible only after authentication are also tested for vulnerabilities which may allow users to gain access to the other resources served by the application.

In this case Unauthenticated API Endpoints were solely responsible for allowing anyone with the knowledge of using Google Search Engine to gain access to the datasets, which otherwise should have been protected.

DAST solutions also help organizations discover such vulnerable end-points not just by crawling the web application but also by querying and analyzing the results of the search engines.

The need of the hour is for all organizations which handle sensitive data to conduct regular DAST audits of their web applications.
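The check described above can be reduced to a small audit that requests every endpoint which is supposed to require authentication, without credentials, and reports those that still return data. This is an added example, not eScan's tooling; the local demo server, the paths `/api/orders` and `/api/dealers` and the token are constructed for illustration.

```python
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

class DemoApp(BaseHTTPRequestHandler):
    """Constructed stand-in app: /api/orders checks a token, /api/dealers does not."""
    def do_GET(self):
        protected = self.path == "/api/orders"
        if protected and self.headers.get("Authorization") != "Bearer demo-token":
            self.send_response(401)
            self.end_headers()
            return
        self.send_response(200)
        if protected:
            self.send_header("X-Robots-Tag", "noindex")
        self.end_headers()
        self.wfile.write(b'{"records": ["constructed sample"]}')

    def log_message(self, *args):  # keep the demo output quiet
        pass

# Ignore any proxy settings so the probe talks to the target directly.
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))

def probe(base, path):
    """Request a path with no credentials and record how the server answers."""
    try:
        with OPENER.open(base + path, timeout=5) as resp:
            status, robots, size = resp.status, resp.headers.get("X-Robots-Tag", ""), len(resp.read())
    except urllib.error.HTTPError as err:
        status, robots, size = err.code, err.headers.get("X-Robots-Tag", ""), 0
    served = status == 200 and size > 0
    return {"path": path, "status": status, "served_data": served,
            "indexable": served and "noindex" not in robots.lower()}

def audit(base, must_require_auth):
    """Return inventory entries that hand out data to an anonymous client."""
    return [r for r in (probe(base, p) for p in must_require_auth) if r["served_data"]]

def run_demo():
    server = HTTPServer(("127.0.0.1", 0), DemoApp)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return audit(f"http://127.0.0.1:{server.server_port}", ["/api/orders", "/api/dealers"])
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    for finding in run_demo():
        print("answers without authentication:", finding)
```

Run against your own application's route inventory, any entry this returns is both readable without login and, when `indexable` is true, free to be cached by a search engine.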


eScan Hosts Goa Incentive Trip for its Channel Partners

February 20, 2019

MUMBAI, India – February 20, 2019 – eScan, one of the leading security solution providers, had launched a Silver Jubilee offer to reward its channel partners with a 2 nights and 3 days trip to Goa. The offer was launched exclusively for the Mumbai region and about 79 people from the region had been to the destination.

The 2 Nights & 3 Days luxury outing to Goa was packed with tranquil sightseeing in South Goa and water sports on the beach, followed by a boat cruise on the Mandovi River. Be that as it may, the highlight of the outing was an extravagant gala dinner at the Hotel Fern Kadamba. The whole excursion included a stay at a luxury 5-star hotel, aside from visiting beaches and local shopping in Goa.

Mr. RK Balu, General Manager, Channel Sales for India, eScan said, “Trips like these help us to establish a closer bond with our partners and understand their needs. With a tremendous response and satisfied partners, we are planning towards more such attractive schemes and trips for our partners in the coming future.”

eScan values its relationship with the channel partners and with this scheme rewards their commitment for their contribution to making the company reach the end users. Being a channel oriented brand, it has always supported its partners with different and exciting offers and rewarding them for their dedication and consistent efforts towards the brand.

# # #

About eScan:

eScan is an ISO (27001) certified pure-play enterprise security solution company with over 2 decades of expertise in developing IT security solutions. eScan today has a presence in 12 countries through its offices and subsidiaries. It also boasts of a robust channel partner network of more than 50,000 partners spread across 190 countries worldwide. It is trusted by more than 6,500 enterprise and corporate users spread across various industry segments such as Government, BFSI, Education, Defense, Telecom, IT & ITeS, Infrastructure, Hospitality, and Healthcare worldwide.

It is powered by some of the latest and innovative technologies, such as Proactive Behavioral Analysis Engine (PBAE) Technology, MicroWorld Winsock Layer (MWL) Technology, Domain & IP Reputation Check (DIRC) Technology, Non-Intrusive Learning Pattern (NILP) Technology, and sophisticated Anti-Virus Heuristic Algorithms that not only provide protection from current threats, but also provides proactive protection against the ever-evolving cyber threats. eScan provides 24×7 free remote support facility to help its esteemed users to provide real-time solutions for security-related issues.

For more information, visit www.escanav.com


Conventional IT Security approach is very soon going to be obsolete

December 6, 2018

Organizations have been battling a war against vulnerabilities and bugs existing in their IT infrastructure introduced by the vendors. IoT devices are the forefront runners in this race and have been responsible for crippling the Internet.

Mirai Botnet took advantage of these vulnerable IoT devices and hackers have been using these very vulnerabilities to launch massive DDOS attacks. Traditionally IoT device vendors have been taking for granted the entire concept of IT Security and insecure coding standards are to be blamed for this. Furthermore, the turn-around time to issue patch updates to these vulnerable devices is very high or simply does not exist.

Recently, TheHackerGiraffe exploited one such vulnerability existing in Printers connected to the Internet and hacked them to print his message. Such incidents force us to contemplate on the existing issues governing the IT Security landscape and conventional methods used to protect the devices from the prying eyes of hackers.

All the stakeholders involved in the development/deployment of IoT devices have to re-examine their approach towards implementing Security Processes / Standards, and they may have to digress from the conventional outlook they have towards securing IoT devices.

Be it Quora or Dell, in the past few weeks their security defenses have been breached and their sensitive user-centric data pilfered by hackers. Data is the new oil and every organization has been investing heavily into securing its networks; however, this has not prevented the hackers from breaching the defenses and stealing the data, which the systems and processes that were in place were supposed to prevent.

The security product offerings of the present day, although advanced, lack an essential component, viz. understanding user behavior, collating all the incidents and making sense out of them. Artificial Intelligence in IT Security is the missing component. Breaking away from the conventional approach of securing end-points, implementing IDS/IPS, NG Firewalls may prevent the majority of the attacks, however, for a motivated/experienced hacker, conventional methods will always fail.

In the coming years, the IT security product landscape will change drastically from rule/signature-based engines to intuitive AI-based ones.


Extortion spam emails have raked in INR 1.5 Crore since August 2018: eScan

October 11, 2018

Although Bitcoin has been the most volatile in the past few years, this has not deterred the criminals from collecting bits from the Bitcoins. When we talk about extortion, we have seen the emergence and effectiveness of Ransomware using Bitcoins and other forms of crypto-currencies. We have also seen Crypto-Currency Miners (sic. Monero) being deployed on hacked servers/systems, so as to take advantage of the computational resources and generate crypto-currencies. However, lately, we have seen a rising trend in extortion emails asking for Bitcoins.

These emails are in plain text format and warn the recipient of malware being deployed on an Adult Porn Site. The mails also explain in brief how the recipient’s webcam was hacked, a keylogger was deployed and the login credentials were stolen. The email further explains that a video was captured while they were busy visiting the Adult Porn site, and the recipient is threatened with dire consequences viz. sharing of the video with those present in the stolen address book.

Similar to Ransomware and Miner Attacks, this scam also relies on the anonymity provided by crypto-currencies. It’s a simple plain text threat, based on the premise that the recipient has visited some Porn site. The criminals have, in most of the cases, successfully invoked fear and social stigma in the psyche/mind of the email recipients.

eScan’s research team has been analyzing and tracking these emails and, most importantly, the Bitcoin addresses found in these mails. The Modus-Operandi of the criminals is to:

  1. Create Bitcoin-Address for every Spam campaign.
  2. In case the recipients do pay up the extortion BTCs, the BTC is broken down and transferred to multiple Bitcoin Wallets so as to ensure that researchers find it difficult to track the transactions.
  3. The breakdown and subsequent transfer of the BTC is done a couple of times, hence at the end of third iteration we have close to 100 BTC wallets.
  4. Finally, all these wallets are consolidated and the BTCs transferred to one single wallet.

During the course of research, we came across numerous wallets, with one of them (3FJDeT2E1fWb4oZBeub4MH9ennUp5e4QG6) having received around 31 BTC, which were then sent to other wallets. The criminals have sometimes transferred the BTCs to Escrow Accounts / Exchanges to further anonymize/convert the BTCs into cash. At the existing exchange rate of BTC, the wallet was worth 1,49,09,139 INR and thus the Spam Campaign can be considered highly profitable and successful.

Some of the BTC addresses of the campaign:


Due to the anonymity provided, it is impossible to track the identity of the Wallet Owner. Since the month of August 2018, there has been a steady increase in these extortion spam mails.

According to eScan researchers, these mails are part of a spam campaign, and they advise that recipients shouldn’t reply to these emails. However, since this campaign is in its nascent stages, there is a possibility that in the near future the emails might be weaponized with the usual variants.
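Because each spam campaign uses its own Bitcoin address, the address quoted in a mail works as a campaign key for filtering and tracking. The following added example (not eScan's code) extracts legacy-format addresses from mail text, keeps only those that pass the Base58Check checksum, and groups mails by address; the sample mails are constructed and the address in them is the public genesis-block address used as a stand-in.

```python
import hashlib
import re

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Legacy "1..." and "3..." addresses: 26-35 Base58 characters in total.
CANDIDATE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")

def is_valid_address(addr):
    """Base58Check: version byte + 20-byte hash + 4-byte double-SHA256 checksum."""
    n = 0
    for ch in addr:
        idx = B58.find(ch)
        if idx < 0:
            return False
        n = n * 58 + idx
    pad = len(addr) - len(addr.lstrip("1"))  # each leading '1' is a zero byte
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 25 or raw[0] not in (0x00, 0x05):
        return False
    check = hashlib.sha256(hashlib.sha256(raw[:-4]).digest()).digest()[:4]
    return check == raw[-4:]

def extract_addresses(text):
    """Checksum-valid addresses quoted in a mail body, de-duplicated and sorted."""
    return sorted({m for m in CANDIDATE.findall(text) if is_valid_address(m)})

def group_by_address(mails):
    """Map each address to the ids of the mails that quote it (one key per campaign)."""
    campaigns = {}
    for mail_id, body in mails.items():
        for addr in extract_addresses(body):
            campaigns.setdefault(addr, []).append(mail_id)
    return campaigns

# Stand-in value: the public genesis-block address, not one from this campaign.
GENESIS = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"
# Constructed sample mails; m2 carries a mistyped address that fails the checksum.
SAMPLE_MAILS = {
    "m1": "I recorded you. Send $500 in BTC to " + GENESIS + " within 48 hours.",
    "m2": "Pay to " + GENESIS[:-1] + "b or the video goes to your contacts.",
    "m3": "Final warning: wallet " + GENESIS + ". Do not reply to this mail.",
}

if __name__ == "__main__":
    for address, ids in group_by_address(SAMPLE_MAILS).items():
        print(address, ids)
```

The checksum step keeps random Base58-looking strings out of a gateway rule or blocklist; newer bech32 ("bc1...") addresses use a different encoding and are outside this sketch.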

Prevention Measures:

  1. Do not reply to these emails at all.
  2. Install and Configure eScan with all security modules active.
  3. eScan Real Time Monitoring
  4. eScan Proactive protection
  5. eScan Firewall IDS/IPS Intrusion prevention
  6. Users shouldn’t enable macros in documents.
  7. Organizations should deploy and maintain a backup solution.
  8. Most important, Organizations should implement MailScan at the Gateway Level for mail servers, to contain the spread of suspicious attachments.

eScan Marks 25 Years of Success in the IT Security Industry; Celebrates with Its PAN India Partners

September 6, 2018

Going stronger on security, eScan launched 10 Users Anti-Virus Total Protection for SOHO

DELHI, India – September 6, 2018 – eScan, one of the leading Total security solution developers, turned 25 this year. To commemorate this milestone event, eScan hosted a ‘Mega Event’ for its PAN India partners in association with KK Software Pvt Ltd. They also introduced eScan Anti-Virus Total Protection with 10 Users for the SOHO section. The event was held at the Radisson Blu Hotel, New Delhi, which witnessed around 100 partners from all over India.

During the event, eScan showcased and educated the partners about its latest products and new solutions for IT security. They also announced beneficial channel schemes that will benefit eScan’s privileged channel partners with good value proposition and profits. Further, channel partners were given awards and recognition to motivate and keep the partners committed to build, develop and sustain long-term and healthy relationships with us.

eScan launched a special offer for the partners in association with KK Software Pvt. Ltd. The offer includes various trips to Switzerland, Pattaya and Goa to be claimed by the partners on purchase of certain number of eScan Anti-Virus with Total Protection and eScan Internet Security Suite box products. eScan values its relationship with the channel partners and with this scheme, rewards their commitment for their contribution to make the company reach the end users.


“On behalf of the entire eScan team, we would like to sincerely thank everyone who helped us reach this milestone. The last 25 years have been filled with challenges, hard work, dedication, innovation and a lot of success. All these years as industry leaders, we have always pushed our limits by reinventing and consistently delivering the best of class security solutions. We promise to continue this momentum to stay ahead in the game so that our partners as well as our customers can get the best that the industry has to offer,” said Mr Sunil Kripalani, Senior Vice President, Global Sales and Marketing, eScan.

Mr RK Balu, General Manager, eScan, said, “eScan today boasts of worldwide reach for its solid R&D and customization abilities. Our channel partners play a very significant role in the many milestones we have achieved in the last 25 years. We believe that with the new IT security solutions that we have launched, it will help us immensely to get into a much bigger growth in the coming years.”

eScan Anti-Virus Total Protection, designed for home and small office users, is a comprehensive Anti-Virus and Content Security Solution that provides complete protection to your computers against malicious content and security threats, such as Ransomware, Spyware, Adware, Keyloggers, Rootkits, Botnets, Phishing and more. eScan’s range of security solutions are certified by Global testing bodies like AV Test, AV Comparatives’ Real World Test & Real Protection Test and VB 100 Test and many others.

# # #


